Question
If I understand correctly, FREAK refers to a "vulnerability" in which, when a client offers weak cipher suites (usually export-grade cipher suites with 40 or 56 bit encryption) and a server can accept those cipher suites, a man-in-the-middle can perform a downgrade attack to use one of those weak cipher suites, and then break them (through brute-force or other weaknesses). But is this really a new attack method? I thought downgrade attacks and the possibility to use them in this manner was already known for quite a while (and this is why TLS_FALLBACK_SCSV was created). Did it just now pop into the mainstream? Did some researchers decide to give it a "brand" name and present it as a new vulnerability (since many clients/servers still offer/accept those cipher suites)? Or is there something else behind it that's not mentioned in the news? Also, I would think major, modern browsers would not be configured to offer those weak cipher suites, or at least wouldn't use them without big warnings like with invalid certificates. Did browser developers really make such an oversight?
Explanation / Answer
No. TLS_FALLBACK_SCSV was designed to prevent protocol degradation (from TLSv1 to SSLv3 for example), not cipher degradations.
To mitigate against cipher degradations, the server needs to stop offering export ciphers, or the client needs to stop accepting export ciphers.
TLS_FALLBACK_SCSV is designed to fix the vulnerability of downgrades in the protocol (regardless of cipher used), because SSLv3 and prior protocols do have vulnerabilities that can be used regardless of cipher.
Preventing export ciphers in a client is cumbersome, because the client must support any legacy ciphers as well for backwards compatibility. But you could check in about:config if there is a possibility to disable export ciphers.
If you, however, are running a server, it's very possible to prevent the server from offering export ciphers at all, by reconfiguring it to never offer export ciphers in the SSL configuration. Then cipher downgrade attacks cannot happen.
Note that you still need to support TLS_FALLBACK_SCSV, since a protocol downgrade can still break a "strong" cipher due to vulnerabilities in the implementation.
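The cipher downgrade the answer describes has a simple on-the-wire signature: the ServerHello selects an export-grade suite, and (from the client's vantage point) one the ClientHello never offered. The following is an added example, not code from the question or answer above, showing a minimal parser for both Hello messages and a check that flags that pattern; the suite codes come from the IANA TLS cipher suite registry and the handshake bytes are constructed inline as sample input.

```python
import struct

# Export-grade suites by IANA code (a representative subset, not the full list).
EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def _handshake_body(record):
    """Strip the 5-byte TLS record header and 4-byte handshake header."""
    if record[0] != 0x16:
        raise ValueError("not a handshake record")
    hs_len = int.from_bytes(record[6:9], "big")
    return record[5], record[9:9 + hs_len]

def client_hello_suites(record):
    """Return the list of cipher suite codes offered in a ClientHello."""
    hs_type, body = _handshake_body(record)
    if hs_type != 0x01:
        raise ValueError("not a ClientHello")
    pos = 2 + 32                      # client_version + random
    pos += 1 + body[pos]              # session_id length + session_id
    n = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    return [int.from_bytes(body[i:i + 2], "big") for i in range(pos, pos + n, 2)]

def server_hello_suite(record):
    """Return the single cipher suite code selected in a ServerHello."""
    hs_type, body = _handshake_body(record)
    if hs_type != 0x02:
        raise ValueError("not a ServerHello")
    pos = 2 + 32 + 1 + body[34]       # version + random + session_id
    return int.from_bytes(body[pos:pos + 2], "big")

def check_negotiation(client_hello, server_hello):
    """Flag a FREAK-style downgrade: export suite chosen, or suite never offered."""
    offered, chosen, findings = client_hello_suites(client_hello), server_hello_suite(server_hello), []
    if chosen in EXPORT_SUITES:
        findings.append("export-grade suite negotiated: " + EXPORT_SUITES[chosen])
    if chosen not in offered:
        findings.append("server chose 0x%04x, which the client did not offer" % chosen)
    return findings

def build_hello(hs_type, suites):
    """Construct a minimal sample ClientHello (0x01) or ServerHello (0x02) record."""
    suite_bytes = b"".join(struct.pack("!H", s) for s in suites)
    if hs_type == 0x01:
        body = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", len(suite_bytes)) + suite_bytes + b"\x01\x00"
    else:
        body = b"\x03\x03" + bytes(32) + b"\x00" + suite_bytes[:2] + b"\x00"
    hs = bytes([hs_type]) + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs

# Constructed sample: the client offered only AES suites, yet the server picked RSA export RC4-40.
CLIENT = build_hello(0x01, [0x009C, 0xC02F, 0x002F])
SERVER = build_hello(0x02, [0x0003])
```

Running `check_negotiation(CLIENT, SERVER)` returns both findings; a ServerHello choosing 0xC02F returns an empty list.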